Forum Stats

  • 3,852,779 Users
  • 2,264,136 Discussions
  • 7,905,138 Comments

Discussions

OHS VirtualHost only SSL - redirect to equivalent of IIS HTTP Error 403.4 - Forbidden: SSL is requir

Hi,

I'm completely new to OHS and have been asked to ensure that a URL that goes to OHS should only be accessible on HTTPS, if accessed by HTTP it should go to the equivalent of IISs

HTTP Error 403.4 - Forbidden: SSL is required to view this resource.

As OHS is the frontend to our SOA installation we have specific files under /moduleconf/ for the virtualhosts, an example of one is below. 

Can anyone give me any clues/best practice to only allow this VirtualHost to be allowed on HTTPS/SSL and to not redirect non SSL to SSL but to an error page like the equivalent mentioned above.

Any guidance would be greatly appreciated.  Many thanks

<VirtualHost *:443>

  ServerName testhub.example.com:443

  RewriteEngine On

  RewriteOptions inherit

  RewriteRule ^$ /osb/hub.asmx [NC,P]

  RewriteRule ^/$ /osb/hub.asmx [NC,P]

  RewriteRule ^/hub\.asmx$ /osb/hub.asmx [NC,P]

<Location /sbinspection.wsil >

  SetHandler weblogic-handler

  WebLogicCluster OSB1:8011,OSB2:8011

</Location>

<Location /sbresource >

  SetHandler weblogic-handler

  WebLogicCluster OSB1:8011,OSB2:8011

</Location>

<Location /osb >

  SetHandler weblogic-handler

  WebLogicCluster OSB1:8011,OSB2:8011

</Location>

<Location /alsb >

  SetHandler weblogic-handler

  WebLogicCluster OSB1:8011,OSB2:8011

</Location>

<IfModule ossl_module>

  SSLEngine on

  SSLProtocol nzos_Version_1_0 nzos_Version_3_0_With_2_0_Hello nzos_Version_3_0

  SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AE

S_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA

  SSLVerifyClient none

  SSLWallet  "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/host"

  SSLProxyEngine On

  SSLProxyWallet  "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/host"

  SSLCRLCheck Off

</IfModule>

</VirtualHost>

Tagged:
This discussion has been closed.